topic Re: McAfee best practice with Microsoft products. in Endpoint Security (ENS)https://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-best-practice-with-Microsoft-products/m-p/647287#M7206
Hi, thanks for sharing this relevant information, I understand that Microsoft's recommendations are for all existing antivirus types and not specific for McAfee ? , and another question if i may , all the Exclusion anti-virus thing , is about teaching the anti-virus to scan in specific places by policy and putting a files paths ?<BR />Thu, 23 Jan 2020 21:00:50 GMTAvivLevi2020-01-23T21:00:50ZMcAfee best practice with Microsoft products.https://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-best-practice-with-Microsoft-products/m-p/647261#M7199
<P class="x-hidden-focus">hi guys im working now with several servers in my enterprise organization like ( exchange , adfs , sccm ,scom , and others) and part of the policy at my organization is the implementation of the McAfee agent on the servers , my question is whether Microsoft a Best Practice for defining the McAfee policy on the servers so that they do not utilize more resources like cpu and memory ? , for example one time the Sccm server start to overuse his cpu and working on the server was very slow , we discovered later that mcafee was the cause to that because he was scanning all the sccm files and there were a lot , so we needed to configure his policy to do not scan some areas .</P><P>&nbsp;hope you guys can help me .</P><P>have a good day .</P><P>&nbsp;</P>Thu, 23 Jan 2020 18:19:56 GMThttps://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-best-practice-with-Microsoft-products/m-p/647261#M7199AvivLevi2020-01-23T18:19:56ZRe: McAfee best practice with Microsoft products.https://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-best-practice-with-Microsoft-products/m-p/647269#M7200
<P>The agent itself does no scanning.&nbsp; I will move this over to the ens team.</P>Thu, 23 Jan 2020 19:06:54 GMThttps://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-best-practice-with-Microsoft-products/m-p/647269#M7200cdinet2020-01-23T19:06:54ZRe: McAfee best practice with Microsoft products.https://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-best-practice-with-Microsoft-products/m-p/647272#M7201
<P>Hi&nbsp;<LI-USER uid="221453"></LI-USER>&nbsp;</P>
<P>Microsoft has some lists for each of their products of recommended antivirus exclusions.</P>
<P>Main consolidated list of articles:&nbsp;<A href="https://social.technet.microsoft.com/wiki/contents/articles/953.microsoft-anti-virus-exclusion-list.aspx" target="_blank">https://social.technet.microsoft.com/wiki/contents/articles/953.microsoft-anti-virus-exclusion-list.aspx</A></P>
<P>SCCM specific article:&nbsp;<A href="https://support.microsoft.com/en-us/help/327453/recommended-antivirus-exclusions-for-configuration-manager-2012" target="_blank">https://support.microsoft.com/en-us/help/327453/recommended-antivirus-exclusions-for-configuration-manager-2012</A></P>
<P>Thanks,</P>Thu, 23 Jan 2020 19:16:14 GMThttps://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-best-practice-with-Microsoft-products/m-p/647272#M7201mbuehler2020-01-23T19:16:14ZRe: McAfee best practice with Microsoft products.https://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-best-practice-with-Microsoft-products/m-p/647287#M7206
Hi, thanks for sharing this relevant information, I understand that Microsoft's recommendations are for all existing antivirus types and not specific for McAfee ? , and another question if i may , all the Exclusion anti-virus thing , is about teaching the anti-virus to scan in specific places by policy and putting a files paths ?<BR />Thu, 23 Jan 2020 21:00:50 GMThttps://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-best-practice-with-Microsoft-products/m-p/647287#M7206AvivLevi2020-01-23T21:00:50ZRe: McAfee best practice with Microsoft products.https://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-best-practice-with-Microsoft-products/m-p/647339#M7213
<P>We have the following KB on how to improve performance when using ENS:</P>
<P><A href="https://kc.mcafee.com/corporate/index?page=content&amp;id=KB88205" target="_blank" rel="noopener">https://kc.mcafee.com/corporate/index?page=content&amp;id=KB88205</A></P>
<P>&nbsp;</P>
<P>Note that if you are using ENS with the scan option "Let McAfee Decide" then you will not need to implement many exclusions at all, as these have all been embedded into the product by our Trust Model.&nbsp;</P>
<P>I refer to the following KB: <A href="https://kc.mcafee.com/corporate/index?page=content&amp;id=KB66909" target="_blank" rel="noopener">https://kc.mcafee.com/corporate/index?page=content&amp;id=KB66909</A></P>
<P><STRONG><SPAN>"IMPORTANT:&nbsp;</SPAN></STRONG><SPAN>The Microsoft exclusions and McAfee applications listed in this article are</SPAN><STRONG><SPAN>&nbsp;</SPAN>not<SPAN>&nbsp;</SPAN></STRONG><SPAN>needed for ENS if you select the option&nbsp;</SPAN><STRONG>Let McAfee Decide</STRONG><SPAN>&nbsp;when choosing when to scan files with the on-access scanner. For more information about how the option&nbsp;</SPAN><STRONG>Let McAfee Decide<SPAN>&nbsp;</SPAN></STRONG><SPAN>uses the AMCore trust model for scan avoidance, see the community post at:&nbsp;</SPAN><A href="https://community.mcafee.com/t5/Documents/Explanation-of-AMCore-Trust-Model-v1p3-pdf/ta-p/550630" target="_blank" rel="noopener">https://community.mcafee.com/t5/Documents/Explanation-of-AMCore-Trust-Model-v1p3-pdf/ta-p/550630</A><SPAN>."</SPAN></P>
<P>&nbsp;</P>
<P>For any vendor specific recommendations though, you would need to ask the vendor themselves - in this case Microsoft. We can only advise on settings for our products.&nbsp;</P>Fri, 24 Jan 2020 08:54:35 GMThttps://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-best-practice-with-Microsoft-products/m-p/647339#M7213chealey2020-01-24T08:54:35Z